---
# Source: nextcloud/charts/redis/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: nextcloud-nextcloud-redis
  namespace: nextcloud
  labels:
    app: redis
    release: "nextcloud-nextcloud"
  annotations:
    kube-1password: u54jxidod7tlnpwva37f5hcu5y
    kube-1password/vault: Kubernetes
    kube-1password/secret-text-parse: "true"
type: Opaque

---
# Source: nextcloud/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
  name: nextcloud-nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
  annotations:
    kube-1password: iaz4xmtr2czpsjl6xirhryzfia
    kube-1password/vault: Kubernetes
    kube-1password/secret-text-parse: "true"
type: Opaque

---
apiVersion: v1
kind: Secret
metadata:
  name: nextcloud-s3
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
  annotations:
    kube-1password: 7zanxzbyzfctc5d2yqfq6e5zcy
    kube-1password/vault: Kubernetes
    kube-1password/secret-text-key: s3.config.php
type: Opaque

---
# Source: nextcloud/templates/config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: nextcloud-nextcloud-config
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
data:
  general.config.php: |-
    <?php
    $CONFIG = array (
        'overwriteprotocol' => 'https'
    );
  .htaccess: |-
    # line below if for Apache 2.4
    <ifModule mod_authz_core.c>
    Require all denied
    </ifModule>
    # line below if for Apache 2.2
    <ifModule !mod_authz_core.c>
    deny from all
    </ifModule>
    # section for Apache 2.2 and 2.4
    <ifModule mod_autoindex.c>
    IndexIgnore *
    </ifModule>
  redis.config.php: |-
    <?php
    if (getenv('REDIS_HOST')) {
        $CONFIG = array (
          'memcache.distributed' => '\\OC\\Memcache\\Redis',
        'memcache.locking' => '\\OC\\Memcache\\Redis',
        'redis' => array(
          'host' => getenv('REDIS_HOST'),
          'port' => getenv('REDIS_HOST_PORT') ?: 6379,
          'password' => getenv('REDIS_HOST_PASSWORD'),
          'dbindex'  => getenv('REDIS_DB_INDEX') ?: 0,
        ),
      );
    }
  apache-pretty-urls.config.php: |-
    <?php
    $CONFIG = array (
        'htaccess.RewriteBase' => '/',
    );
  apcu.config.php: |-
    <?php
    $CONFIG = array (
        'memcache.local' => '\\OC\\Memcache\\APCu',
    );
  apps.config.php: |-
    <?php
    $CONFIG = array (
        "apps_paths" => array (
            0 => array (
                    "path"     => OC::$SERVERROOT."/apps",
                  "url"      => "/apps",
                  "writable" => false,
          ),
          1 => array (
                    "path"     => OC::$SERVERROOT."/custom_apps",
                  "url"      => "/custom_apps",
                  "writable" => true,
          ),
      ),
    );
  autoconfig.php: |-
    <?php
    $autoconfig_enabled = false;
    if (getenv('SQLITE_DATABASE')) {
          $AUTOCONFIG["dbtype"] = "sqlite";
        $AUTOCONFIG["dbname"] = getenv('SQLITE_DATABASE');
        $autoconfig_enabled = true;
    } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
          $AUTOCONFIG["dbtype"] = "mysql";
        $AUTOCONFIG["dbname"] = getenv('MYSQL_DATABASE');
        $AUTOCONFIG["dbuser"] = getenv('MYSQL_USER');
        $AUTOCONFIG["dbpass"] = getenv('MYSQL_PASSWORD');
        $AUTOCONFIG["dbhost"] = getenv('MYSQL_HOST');
        $autoconfig_enabled = true;
    } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
          $AUTOCONFIG["dbtype"] = "pgsql";
        $AUTOCONFIG["dbname"] = getenv('POSTGRES_DB');
        $AUTOCONFIG["dbuser"] = getenv('POSTGRES_USER');
        $AUTOCONFIG["dbpass"] = getenv('POSTGRES_PASSWORD');
        $AUTOCONFIG["dbhost"] = getenv('POSTGRES_HOST');
        $autoconfig_enabled = true;
    }
    if ($autoconfig_enabled) {
          $AUTOCONFIG["directory"] = getenv('NEXTCLOUD_DATA_DIR') ?: "/var/www/html/data";
    }
  smtp.config.php: |-
    <?php
    if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
        $CONFIG = array (
          'mail_smtpmode' => 'smtp',
        'mail_smtphost' => getenv('SMTP_HOST'),
        'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
        'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
        'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
        'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
        'mail_smtpname' => getenv('SMTP_NAME') ?: '',
        'mail_smtppassword' => getenv('SMTP_PASSWORD') ?: '',
        'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
        'mail_domain' => getenv('MAIL_DOMAIN'),
      );
    }
---


# Source: nextcloud/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: nextcloud-nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
    app.kubernetes.io/component: app
spec:
  type: ClusterIP
  ports:
  - port: 8080
    targetPort: http
    protocol: TCP
    name: http
  selector:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/component: app
---
# Source: nextcloud/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nextcloud-nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
    app.kubernetes.io/component: app
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: nextcloud
      app.kubernetes.io/instance: nextcloud-nextcloud
      app.kubernetes.io/component: app
  template:
    metadata:
      labels:
        app.kubernetes.io/name: nextcloud
        app.kubernetes.io/instance: nextcloud-nextcloud
        app.kubernetes.io/component: app
        nextcloud-nextcloud-redis-client: "true"
    spec:
      priorityClassName: critical
      containers:
      - name: nextcloud
        image: "nextcloud:32.0.1-apache"
        imagePullPolicy: IfNotPresent
        env:
        - name: SQLITE_DATABASE
          value: "nextcloud"
        - name: NEXTCLOUD_ADMIN_USER
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud
              key: nextcloud-username
        - name: NEXTCLOUD_ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud
              key: nextcloud-password
        - name: NEXTCLOUD_TRUSTED_DOMAINS
          value: nextcloud.cluster.fun
        - name: NEXTCLOUD_DATA_DIR
          value: "/var/www/html/data"
        - name: REDIS_HOST
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud-redis
              key: redis-host
        - name: REDIS_PORT
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud-redis
              key: redis-port
        - name: REDIS_HOST_PASSWORD
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud-redis
              key: redis-password
        - name: REDIS_DB_INDEX
          valueFrom:
            secretKeyRef:
              name: nextcloud-nextcloud-redis
              key: redis-db-index
        ports:
        - name: http
          containerPort: 80
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: "nextcloud.cluster.fun"
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: "nextcloud.cluster.fun"
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 3
        # Cover case where upgrade is being performed
        startupProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: "nextcloud.cluster.fun"
          failureThreshold: 30
          periodSeconds: 10
        resources:
          requests:
            cpu: 1038m
            memory: 765M
          limits:
            cpu: 1200m
            memory: 765M
        volumeMounts:
        - name: nextcloud-data
          mountPath: /var/www/
          subPath: root
        - name: nextcloud-data
          mountPath: /var/www/html
          subPath: html
        - name: nextcloud-data
          mountPath: /var/www/html/data
          subPath: data
        - name: nextcloud-data
          mountPath: /var/www/html/config
          subPath: config
        - name: nextcloud-data
          mountPath: /var/www/html/custom_apps
          subPath: custom_apps
        - name: nextcloud-data
          mountPath: /var/www/tmp
          subPath: tmp
        - name: nextcloud-data
          mountPath: /var/www/html/themes
          subPath: themes
        - name: nextcloud-config
          mountPath: /var/www/html/config/general.config.php
          subPath: general.config.php
        - name: nextcloud-s3
          mountPath: /var/www/html/config/s3.config.php
          subPath: s3.config.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/.htaccess
          subPath: .htaccess
        - name: nextcloud-config
          mountPath: /var/www/html/config/apache-pretty-urls.config.php
          subPath: apache-pretty-urls.config.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/apcu.config.php
          subPath: apcu.config.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/apps.config.php
          subPath: apps.config.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/autoconfig.php
          subPath: autoconfig.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/redis.config.php
          subPath: redis.config.php
        - name: nextcloud-config
          mountPath: /var/www/html/config/smtp.config.php
          subPath: smtp.config.php
      volumes:
      - name: nextcloud-data
        persistentVolumeClaim:
          claimName: nextcloud-nextcloud-nextcloud
      - name: nextcloud-config
        configMap:
          name: nextcloud-nextcloud-config
      - name: nextcloud-s3
        secret:
          secretName: nextcloud-s3
      # Will mount configuration files as www-data (id: 33) for nextcloud
      securityContext:
        fsGroup: 33
---
# Source: nextcloud/templates/cronjob.yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: nextcloud-nextcloud-cron
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
  annotations:
    {}
spec:
  schedule: "*/5 * * * *"
  concurrencyPolicy: Forbid
  failedJobsHistoryLimit: 5
  successfulJobsHistoryLimit: 2
  jobTemplate:
    metadata:
      labels:
        app.kubernetes.io/name: nextcloud
    spec:
      template:
        metadata:
          labels:
            app.kubernetes.io/name: nextcloud
        spec:
          restartPolicy: Never
          containers:
            - name: nextcloud
              image: "nextcloud:32.0.1-apache"
              imagePullPolicy: IfNotPresent
              command: [ "curl" ]
              args:
                - "--fail"
                - "-L"
                - "https://nextcloud.cluster.fun/cron.php"
              resources:
                requests:
                  memory: 200Mi
---
# Source: nextcloud/templates/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nextcloud-nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud-nextcloud
    app.kubernetes.io/component: app
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
  rules:
  - host: nextcloud.cluster.fun
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nextcloud-nextcloud
            port:
              number: 8080
  tls:
    - hosts:
      - nextcloud.cluster.fun
      secretName: nextcloud-ingress